When was the last time you had your WordPress site checked over by an expert? A couple of months ago? Longer?

Over the years, I’ve worked on over 200 WordPress sites. Many of these were in a vulnerable state. Almost all of them would have benefited from regular maintenance.

That’s why I’ve decided to offer WordPress maintenance packages. These range from covering the basics, to site owners who need more regular assistance. Just set up the required access, and I’ll take it from there.

Every website running WordPress, or just about any other CMS for that matter, should have some security and backup system in place. Whenever I log in to a new client’s WordPress site, these are the very first things that I check.

I am continually surprised by the number of client sites I access that have no security or backup system in place.

If you’re building your first website, or having it built for you, what should be making sure is in place?

What would you do if you lost everything? That’s the question the people behind World Backup Day want you to ask yourself on 31st March. A quick look at the stats featured on the website offers a stark reminder about how important it is to get a backup system in place for all your important data.

It might not be the most fascinating topic and it’s certainly easy to keep this sort of thing at the bottom of your to-do list but it’s also an increasingly important task to check off.

This short series has looked at both how and why a WordPress website may have been hacked, so in this last part we will look at what can be done to prevent a hack occurring in the first place, or a reoccurrence. If your site has recently been hacked, the first thing is to get the hack cleaned up, but what measures can you put into place to prevent this occurring again?

The previous post looked at some of the common methods by which a hacker might gain access to a WordPress site. Understanding these methods is a crucial aspect of being able to prevent reoccurrences in future, but many site owners are left perplexed by the fact that their site has been targeted at all.

Discovering your website has been hacked easily ranks as one of the least enjoyable experiences associated with running a website. Depending on the type and extent of the hack, the cleanup process can be quite lengthy and costly, but many sites can be cleaned up very quickly. Of all the questions that arise when this happens, users are often left asking:

1) How did my site get hacked?
2) Why did my site get hacked?
3) What can we do to prevent it happening again?

These three questions are often intrinsically linked and the answer depends significantly on the site’s setup and the type of attack. In this three-part guide, each of these questions will be looked at in turn. The following assumes that the site is running on WordPress, but the principles are the same for most other popular CMSs.